This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3234382e302f32322d3234203d3e20313936393534.roa File: 38352e3139302e3234382e302f32322d3234203d3e20313936393534.roa (raw, json) Hash identifier: xs+O9LY70svMO4My6TAK4dT1lPZW/AXwXonxuWQ6xIU= Subject key identifier: 56:9F:4B:B4:E1:D0:27:87:BF:2C:D0:E9:8F:D6:42:66:A3:0F:4C:C0 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 3ABD3B41E6B688CB5FBC9106A3725A60CDBCAE75 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3234382e302f32322d3234203d3e20313936393534.roa Signing time: Mon 08 Dec 2025 21:29:47 +0000 ROA not before: Mon 08 Dec 2025 21:24:47 +0000 ROA not after: Mon 07 Dec 2026 21:29:47 +0000 asID: 196954 IP address blocks: 85.190.248.0/22 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 21:34:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:bd:3b:41:e6:b6:88:cb:5f:bc:91:06:a3:72:5a:60:cd:bc:ae:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 8 21:24:47 2025 GMT Not After : Dec 7 21:29:47 2026 GMT Subject: CN=569F4BB4E1D02787BF2CD0E98FD64266A30F4CC0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:41:2f:25:4f:36:bd:9f:2a:94:cc:09:25:97: ed:68:f9:2f:f0:f6:99:27:61:91:58:7c:8d:14:b9: c4:f7:54:dd:a3:65:37:9d:81:5d:19:cf:14:54:c9: 80:6b:b5:0c:67:df:e4:4e:1d:69:c1:d3:d9:c1:f1: 87:78:bf:8e:b4:37:55:7b:8d:e2:9f:bf:d4:c7:7b: 31:8b:1c:85:3f:f5:7c:dd:9c:e7:86:a3:24:4e:58: e2:fe:53:c4:35:92:b1:11:ac:9f:b0:56:3f:da:1c: 87:3d:70:1b:0e:3d:55:cf:94:0a:7d:23:97:80:d2: fd:7f:44:59:06:bf:ae:e8:86:71:f3:28:dd:a5:61: ce:82:32:29:e0:65:c1:02:56:9c:2f:52:a8:3b:e4: 68:00:21:c6:2f:a1:45:e6:76:49:95:07:66:80:d1: 40:a7:c0:ec:5b:e9:96:b5:49:ed:a4:c9:88:af:e1: ed:6c:63:d5:1a:fa:cf:87:fb:77:0c:8b:25:94:a2: b1:1d:b9:94:2a:5b:ef:28:67:20:0f:32:47:77:62: 35:31:b6:ba:31:4b:0e:5d:ab:00:d4:b7:6c:0b:eb: e4:4f:d8:75:3c:ff:a8:35:61:00:49:95:75:41:bf: 57:17:dc:be:77:1d:92:c4:e0:a0:9d:d3:84:8d:c9: b7:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:9F:4B:B4:E1:D0:27:87:BF:2C:D0:E9:8F:D6:42:66:A3:0F:4C:C0 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3234382e302f32322d3234203d3e20313936393534.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.190.248.0/22 Signature Algorithm: sha256WithRSAEncryption 7a:07:62:aa:bf:7c:3b:e2:3f:9f:d0:a7:d9:d5:f7:0d:0d:db: b0:0b:56:d0:44:64:94:0b:81:5f:ab:b3:c3:75:0b:88:17:2e: db:07:ca:8b:c3:4b:01:f1:4b:94:37:31:47:ca:08:15:3e:50: 25:27:01:3b:65:0c:00:ab:69:bf:e9:8f:76:50:6a:2c:9f:46: 49:3b:77:ea:ee:40:67:d9:00:22:24:3c:8c:2f:73:49:48:7b: 25:37:0d:8b:8e:4a:85:1e:d6:ec:1f:bb:00:1b:e9:bc:de:c3: 0b:52:4b:97:96:bb:7e:fa:46:a6:3a:7c:7e:e0:f8:c8:8d:e0: 5b:38:2d:93:3a:28:bc:8a:ad:e0:25:83:de:ed:b6:65:78:c6: 47:a9:80:4b:26:60:cc:49:33:62:05:60:2d:2f:48:14:43:bd: 2d:a6:fd:ac:cb:79:b4:3a:8c:f8:b6:24:e9:eb:9a:02:f6:ae: 9c:89:32:1d:53:5f:3b:df:a2:f6:a8:ad:b2:b3:7d:7a:6d:fe: 0f:e3:cb:d2:3d:a5:d3:5c:dd:ed:1b:77:77:24:6e:f0:a2:4e: d8:00:86:a7:7b:dd:03:87:3a:50:1a:5e:69:6f:14:2d:a7:42: f5:74:ae:8c:66:c7:e0:ad:e0:83:e6:be:94:ea:76:0b:bf:1f: 5b:a8:6f:10 -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIUOr07Qea2iMtfvJEGo3JaYM28rnUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMDgyMTI0NDdaFw0yNjEyMDcyMTI5NDdaMDMxMTAvBgNV BAMTKDU2OUY0QkI0RTFEMDI3ODdCRjJDRDBFOThGRDY0MjY2QTMwRjRDQzAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3QS8lTza9nyqUzAkll+1o+S/w 9pknYZFYfI0UucT3VN2jZTedgV0ZzxRUyYBrtQxn3+ROHWnB09nB8Yd4v460N1V7 jeKfv9THezGLHIU/9XzdnOeGoyROWOL+U8Q1krERrJ+wVj/aHIc9cBsOPVXPlAp9 I5eA0v1/RFkGv67ohnHzKN2lYc6CMingZcECVpwvUqg75GgAIcYvoUXmdkmVB2aA 0UCnwOxb6Za1Se2kyYiv4e1sY9Ua+s+H+3cMiyWUorEduZQqW+8oZyAPMkd3YjUx troxSw5dqwDUt2wL6+RP2HU8/6g1YQBJlXVBv1cX3L53HZLE4KCd04SNybcDAgMB AAGjggI/MIICOzAdBgNVHQ4EFgQUVp9LtOHQJ4e/LNDpj9ZCZqMPTMAwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjM0 MzgyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMTM5MzYzOTM1MzQucm9hMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJVvvgwDQYJKoZIhvcNAQELBQADggEBAHoHYqq/fDviP5/Qp9nV9w0N27ALVtBE ZJQLgV+rs8N1C4gXLtsHyovDSwHxS5Q3MUfKCBU+UCUnATtlDACrab/pj3ZQaiyf Rkk7d+ruQGfZACIkPIwvc0lIeyU3DYuOSoUe1uwfuwAb6bzewwtSS5eWu376RqY6 fH7g+MiN4Fs4LZM6KLyKreAlg97ttmV4xkepgEsmYMxJM2IFYC0vSBRDvS2m/azL ebQ6jPi2JOnrmgL2rpyJMh1TXzvfovaorbKzfXpt/g/jy9I9pdNc3e0bd3ckbvCi TtgAhqd73QOHOlAaXmlvFC2nQvV0roxmx+Ct4IPmvpTqdgu/H1uobxA= -----END CERTIFICATE-----Generated at Sun Dec 14 08:36:41 2025 by rpki-client